CASA: Context-aware scalable authentication

SOUPS 2013 - Proceedings of the 9th Symposium on Usable Privacy and Security

Volumn , Issue , 2013, Pages

  Hayashi, Eiji ^a   Das, Sauvik ^a   Amini, Shahriyar ^a   Hong, Jason ^a   Oakley, Ian ^b  

^a CARNEGIE MELLON UNIVERSITY   (United States)

^b UNIVERSITY OF MADEIRA   (Portugal)

Author keywords

Context aware; Mobile; User authentication

Indexed keywords

AUTHENTICATION SCHEME; CONTEXT-AWARE; MOBILE; PROBABILISTIC FRAMEWORK; SCALABLE AUTHENTICATION; SECURITY AND USABILITIES; SECURITY REQUIREMENTS; USER AUTHENTICATION;

TELEPHONE SETS;

AUTHENTICATION;

EID: 84883062786     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2501604.2501607     Document Type: Conference Paper

References (33)

1. eToken. http://www.aladdin.com/etoken/.
2. RSA securID http://www.rsa.com/node.aspx?id=1156.
3. Advanced sign-in security for your Google account. http://googleblog. blogspot.com/2011/02/advanced-sign-insecurity-for-your.html.
4. Facebook Social Authentication. http://facebook.com/blog/blog.php?post= 486790652130.
5. Lax Passwords Expose Quater of PC Users to Theft. http://www. washingtonpost.com/wpdyn/content/article/2007/10/09/AR2007100901896.html.
6. When Security Gets in the Way. http://jnd.org/dn.mss/when-security-gets- in-the-way.html.
7. Adams A. and Sasse A. M. 1999. Users are not the enemy. Commun. ACM 42, 12 (December 1999), 40-46.
8. Amini S., Lindqvist J., Hong I. J., Lin J., Sadeh N., and Toch E. 2011. Caché: Caching Location-Enhanced Content to Improve User Privacy. In Proc. of MobiSys.
9. Bardram J. E., Kjær R. E., Pedersen MØ. 2003. Context-Aware User Authentication Supporting Proximity-Based Login in Pervasive Computing. In Proc. of UbiComp.
10. Burr W. E., Dodson D. F., and Polk W. T. 2006 Electronic authentication guideline. Tech report, NIST.
11. Buthpitiya S., Zhang Y., Dey A. and Griss M, n-gram Geo-Trace Modeling, In Proc. of Pervasive Computing.
12. Cheng P., Rohatgi P., Keser C., Karger P., Wagner G., and Reninger A. 2007. Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control. In Proc. of IEEE Symposium on Security and Privacy.
13. Corner M. D. and Noble B. D. 2003. Protecting applications with transient authentication. In Proc. of MobiSys.
14. Cranshaw J, Toch E., Hong J. I., Kittur A., and Sadeh N. 2010. Bridging the gap between physical location and online social networks. In Proc. of UbiComp.
15. Fischer I., Kuo C., Huang L., and Frank M. 2012. Short Paper: Smartphones: Not Smart Enough? In Proc. of SPSM.
16. Froehlich J. and Krumm J. 2008. Route Prediction from Trip Observations. Society of Automotive Engineers.
17. Gupta A., Miettinen M., Asokan N., and Nagy M. 2012. Intuitive security policy configuration in mobile devices using context profiling. In Proc. of PASSAT.González M. C., Hidalgo C. A., Barabási L. A. 2008. Understanding individual human mobility patterns. Nature 453, 779-782.
18. Hayashi E. and Hong J. I. 2011. A diary study of password usage in daily life. In Proc. of SIGCHI.
19. Herley C. 2009. So long, and no thanks for the externalities:The rational rejection of security advice by users. In Proc. of NSPW.
20. Hulsebosch J. R., Salden H. A., Bargh S. M., Ebben P. W. G, and Reitsma J. 2005. Context sensitive access control. In Proc. of SACMAT.
21. Inglesant P. G. and Sasse A. M. 2010. The true cost of unusable password policies: password use in the wild. In Proc. of SIGCHI.
22. Jakobsson M., Shi E., Golle P., and Chow R. 2009. Implicit authentication for mobile devices. In Proc. of USENIX.
23. Kalamandeen A., Scannell A., Lara E., Sheth A. and LaMarca A. 2010. Ensemble: cooperative proximity-based authentication. In Proc. of Mobisys.
24. Komanduri S., Shay R., Kelley P. G., Mazurek M. L., Bauer L., Christin N., Cranor L. F., and Egelman S. 2011. Of passwords and people: measuring the effect of password-composition policies. In Proc. of SIGCHI.
25. Krumm J. 2008. A Markov Model for Driver Turn Prediction. Society of Automotive Engineers.
26. Ni Q., Bertino E., and Lobo J. 2010. Risk-based Access Control System Built on Fuzzy Inferences. In Proc. of ASIACCS.
27. Riva, O., Qin, C., Strauss, K., Lymberopoulos, D. 2012. Progressive authentication: deciding when to authenticate on mobile phones. In Proc. of USENIX.
28. Orr, R.J. and Abowd, G.D. 2000. The Smart Floor: A Mechanism for Natural User Identification and Tracking. ACM Press, New York, New York, USA.
29. Peacock, A., Xian, K., Wilkerson, M. 2004. Typing patterns: A key to user identification, Security & Privacy, IEEE, vol.2, no.5, pp.40-47, Sept.-Oct. 2004.
30. Philip G. Inglesant and M. Angela Sasse. 2010. The true cost of unusable password policies: password use in the wild. In Proc. of SIGCHI.
31. Shay R., Komanduri S., Kelley P. G., Leon P. G., Mazurek M. L., Bauer L., Christin N., and Cranor L. F. 2010. Encountering stronger password requirements: user attitudes and behaviors. In Proc. of SOUPS.
32. Seifert J., De Luca A., Conradi B. and Hussmann H. 2010. TreasurePhone: Context-Sensitive User Data Protection on Mobile Phones. In Proc. of Pervasive.
33. Supriya Singh, Anuja Cabraal, Catherine Demosthenous, Gunela Astbrink, and Michele Furlong. 2007. Password sharing: implications for security design based on social practice. In Proc. of the SIGCHI.